Read on:
Beginners’ Guide for Microsoft Hyper-V: Windows Kubernetes Load Balancer – Part 42
Previously, we looked at Windows Kubernetes ingress controllers, what they are, and what they do. This post will look at configuring an ingress route for a simple web service inside a Kubernetes cluster, using the Traefik ingress controller we configured previously. What does it take to bring traffic into our Kubernetes cluster to a simple web service using an ingress controller?
What is an ingress controller?
We have covered this previously. However, for a brief review, an ingress controller is a special resource deployed in the Kubernetes cluster that proxies service requests coming into the cluster for specific applications. It internally routes traffic based on rules configured to allow routing requests to internal services. Like any other service in a Kubernetes cluster, it must have a NodePort or LoadBalancer to expose itself to the external network.
Traefik is a free and open-source ingress controller providing many capabilities and functionality to bring traffic into a Kubernetes cluster and allow routing the requests to the appropriate service configured internally in the cluster.
Traefik routers and rules
The Traefik ingress controller with our Windows Kubernetes cluster running in Hyper-V works to get traffic into the Kubernetes cluster with a construct known as a router. A router in Traefik is a mechanism to connect incoming requests into the Kubernetes cluster with the internal services that handle the requests. The Traefik routers use rules to match the configured values with the request to forward the request to the desired service.
Deploy a quick NGINX web server for testing
We can deploy a quick NGINX web server to play around with routing traffic coming into our Kubernetes cluster using Traefik. You can easily deploy an NGINX web server for testing using the following commands:
sudo microk8s helm repo add bitnami https://charts.bitnami.com/bitnami
sudo microk8s helm install mywebserver bitnami/nginx
We can use the command below to ensure the new web service is up and running:
Sudo microk8s kubectl get svc
Now that we have a service to test Traefik routing, we can configure an ingress route to route traffic into the NGINX web server correctly.
Create a Traefik Ingress route
For Traefik ingress routing, we can create a new YAML file that contains the following configuration. You can create the file in your home directory, temp directory, or somewhere else you can access on the Linux file system.
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: my-nginx-ingress
namespace: default
spec:
entryPoints:
– web
– websecure
routes:
– kind: Rule
match: Host(`nginx.cloud.local`)
services:
– name: my-nginx
port: 80
Note the above. We are creating both the web and websecure entry points. It means our NGINX service will be available for routing to the hostname “nginx.cloud.local” for ports 80 and 443. Once you have the configuration set in the YAML file, save your changes.
Applying the ingress route configuration
Once the file is created, we can easily apply the configuration to our Kubernetes cluster. The process for applying your ingress route involves running the following command:
Once you apply the ingress route, you will see a message similar to ingressroute.traefik.containo.us/my-nginx-ingress created. It lets you know the ingress route is applied to the cluster and should be working.
DNS names and routing
As you can see in the above ingress route configuration, we have a rule that will match the host “nginx.cloud.local.” It means Traefik will need to see traffic destined for that hostname before it will be routed correctly to the internal NGINX web service.
You will need to make sure you have DNS records configured for this hostname so clients can resolve the NGINX web server using the DNS name configured. Like any other web server configured with traditional “bindings” for various hostnames, Traefik will route the incoming requests based on the hostname it receives.
Testing the Windows Kubernetes ingress route configuration
Now that we have the ingress route created and have ensured DNS is configured correctly to resolve the hostname referenced by the Traefik ingress route, we should be able to test the configuration. In a browser, we should be able to browse out to the hostname configured in the Traefik ingress route configuration. As you can see below, we can browse to nginx.cloud.local on either port 80 or 443.
Windows Kubernetes ingress route configuration FAQs
What is the purpose of ingress?
In a Kubernetes cluster, an ingress allows traffic into the Kubernetes controller to access services configured in the internal cluster resources. Ingress controllers combined with a bare metal load balancer like MetalLB allow admins to provide access to resources efficiently in a bare-metal, self-hosted Kubernetes cluster. An ingress controller can efficiently route traffic to internal resources based on the hostname attached to the service request.
What is Traefik?
Traefik is a free and open-source ingress controller providing many powerful capabilities for Kubernetes ingress functionality. With Traefik, you can create ingress routes among many other constructs allowing you to route traffic efficiently, based on rules, including the request’s hostname.
What is an ingress route configuration?
The ingress route configuration defines the parameters for how traffic is routed internally in the Kubernetes cluster based on received requests. Traefik automatically requests endpoint information based on the service provided in the ingress specification. Although Traefik will connect directly to internal pods, it also checks the service port to see if TLS communication is required.
Wrapping up
Hyper-V beginners can easily play around with Windows Kubernetes ingress route configuration using Microk8s and Traefik. Traefik is an open-source ingress solution that easily configures rule-based routing of ingress services. In addition, it provides a robust configuration structure allowing you to customize how traffic makes it into your Kubernetes cluster and which services are called.
Follow our Twitter and Facebook feeds for new releases, updates, insightful posts and more.
